Information Security
An information security management system (ISMS) is a set of policies concerned with information security management or IT related risks.
The governing principle behind an ISMS is that an organization should design, implement and maintain a coherent set of policies, processes and systems to manage risks to its information assets, thus ensuring acceptable levels of information security risk.
Independent studies consistently rate Information Security designations among the highest paying IT certifications that an IT professional can earn.
E.g. ISACA certifications are globally accepted and recognized; the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) or Certified in Risk and Information Systems Control (CRISC) certification. These certifications combine the achievement of passing an exam with credit for your work and educational experience therefore giving you the high credibility.
Cyber Resilience is the ability for an organization to resist, respond to and recover from attacks that will impact the information they require to do business.
RESILIA™ is Cyber Resilience Best Practice designed to help organizations around the world prevent, detect and correct any impact cyber attacks will have on the information required to do business.
The RESILIA Foundation and Practitioner Certifications have been designed to support established IT control and business integration frameworks. It shows how these controls can be selected, deployed and best managed to enable individuals to understand how they can contribute to good cyber resilience.
What does the Cyber Resilience Best Practice Portfolio incorporate?
IT Service Management – IT Service Management best practices (ITIL) Guidance how to shift from managing IT services as stacks of technologies to customer-facing services that help an organization achieve its business goals.
IT Project Management – IT Project Management (Prince 2, PMP, etc.) enables organizations to improve their posture in delivering successful service outcomes by using knowledge, skills and techniques that tie project results to business outcomes.
Cybersecurity Management – Cybersecurity best practice guidance how enterprises can leverage existing cybersecurity frameworks and standards (NIST, etc.) to enable the organizational capability of cybersecurity.
Cyber Resilience Management – Cyber resilience best practices (RESILIA) provides guidance on how enterprises can leverage existing IT service systems systems (ITIL) and cybersecurity frameworks to enable an organization’s cyber resilience in terms of risk and business continuity management.
RESILIA – Cyber Resilience Best Practice Portfolio
RESILIA is comprised of foundational and practitioner education guidance and certification, leveraging existing IT Service Management Lifecycle (ITIL) and the NIST Cybersecurity Frameworks to enable organizational cyber resilience in terms of risk and business continuity management.
- Introduction – Concept of cyber resilience, characteristics, benefits, resilience levels, real-word examples, and alignment with business outcomes
- Risk Management – Cyber risk management approach, assets, threats, vulnerabilities and risks, actions to address risks and opportunities
- Managing Cyber Resilience – Need for a single management system to ensure delivery of cyber resilience aligned to business goals, ISO standards, COBIT 5, NIST Cybersecurity Frameworks, ITIL Service Lifecycle
- Cyber Resilience Strategy – Service strategy stage of the cyber resilience lifecycle, objectives and controls, strategy scenarios
- Cyber Resilience Design – Service design stage of the cyber resilience lifecycle, objectives and controls, design scenarios
- Cyber Resilience Transition – Service transition stage of the cyber resilience lifecycle, objectives and controls, transition scenarios
- Cyber Resilience Operations – Operation stage of the cybersecurity resilience lifecycle, objectives and controls, operation scenarios
- Cyber Resilience Continual Improvement – Continual improvement stage of the cyber resilience lifecycle, objectives and controls, alignment to IT continual improvement service management, ITIL CSI planning approach
- Cyber Resilience Roles and Responsibilities – Role and responsibilities across the organization to achieve cyber resilience, segregation of duties and dual controls
